7-Eleven disclosed that an unauthorized third party gained access on April 8 to certain company systems containing franchisee records, according to a notice sent to affected individuals. The company said the compromised documents included information submitted during the franchise application process, including names, addresses, and other unspecified personal data elements.
France’s data protection authority received more than 20,000 complaints last year, handled over 6,000 data breach notifications, and issued nearly €487 million in fines as cybersecurity incidents and privacy enforcement continued to intensify across the country.
The Dutch Data Protection Authority said this week that it has fined MLU BV, the Netherlands-based company behind the European version of the taxi app Yango, €100 million for unlawfully transferring personal data from Norway and Finland to Russia.
A cyberattack that quietly unfolded inside the systems of South Staffordshire Water for nearly two years has resulted in a hefty regulatory penalty and renewed scrutiny of cybersecurity standards across critical infrastructure providers in the UK.
California Attorney General Rob Bonta announced Friday that General Motors has agreed to a proposed $12.75 million settlement over allegations the company illegally sold the driving and location data of hundreds of thousands of Californians to third-party data brokers without consumers’ knowledge or consent.
Australia’s corporate regulator has issued one of its biggest cyber warnings yet, cautioning that the rapid rise of frontier artificial intelligence is fundamentally changing the threat landscape and putting pressure on financial institutions to strengthen their defenses before existing weaknesses are exposed at scale.
A suspected cyberattack involving the widely used learning platform Canvas is drawing growing scrutiny from privacy regulators after universities and college campuses in Norway began reporting potential exposure of student and institutional data linked to the incident.